Visitor advice

From Noisebridge
(Difference between revisions)
Jump to: navigation, search
(New page: To avoid misunderstandings, here's some advice to help you understand what you're getting into. If this appeals to you, then we look forward to seeing you! ====Come with an open mind====...)
 
(Who is welcome)
(32 intermediate revisions by 20 users not shown)
Line 1: Line 1:
To avoid misunderstandings, here's some advice to help you understand what you're getting into.  If this appeals to you, then we look forward to seeing you!
+
Welcome to Noisebridge! We're glad you're interested in our space and we look forward to seeing you soon. Here's some advice to help you
 +
understand what you're getting into and see if it appeals to you.
  
====Come with an open mind====
+
====Who is welcome====
There's a lot to see and learn at Noisebridge.  If you've already made up your mind on a lot of things, then you'll be unlikely to enjoy it to its fullest.
+
Everyone is welcome and encouraged to visit Noisebridge.  We ask that visitors follow our rule of "be excellent to each other" in the best spirit they can.  Visitors can drop by anytime unannounced.  You do not need an invitation, or to be attending a scheduled event/class.  It may be wise to follow the advice below on the best times to visit, to ensure there are people there who can let you in.
  
====Not "child-safe"====
+
Noisebridge is [[Accessibility | wheelchair accessible]] though people who use wheelchairs may need help with the heavy manual [[elevator]] doors.
We are not limited in what we like to explore to what some would consider "appropriate" for a child to be exposed to.  To that end, there are many adult-themed ideas and concepts that all people entering the space will come across.  Children are as welcome in the space as any other person - just be prepared for what they may encounter.
+
 
 +
====Come with an open mind====
 +
Noisebridge is largely about learning and exploring, and there's lots to see and learn here!  Activities at Noisebridge include hanging out, working on personal or group projects, and scheduled or improptu workshops and classes on a range of topics, from foreign languages to photography, lockpicking, woodworking, computer programming and mathematics.
  
 
====Some times are better than others====
 
====Some times are better than others====
We have many scheduled activities in the space, and many of us have day jobs.   
+
We have many scheduled activities in the space, and many of us have day jobs.  You can coordinate the time of your visit to ensure that you can find people to talk with (and to let you into the building!)
* If you're interested in activities, check out our schedule.
+
 
 +
* Are you new? Wondering when to drop by? Come by any evening - you don't have to wait for a class or a meeting. Any night there will be people hanging out, and you're welcome to show up, say "I'm new!" and get a tour, join an outing for food, or just relax and work on your laptop until a conversation of interest comes up.
 +
* If you're interested in particular activities, check out our schedule, posted on the [[Noisebridge|main page]] of this site.
 
* If you'd like to come during unstructured time and talk with lots of people, after hours is best.
 
* If you'd like to come during unstructured time and talk with lots of people, after hours is best.
 
* If you'd prefer a quieter environment, come earlier in the day.
 
* If you'd prefer a quieter environment, come earlier in the day.
* You're unlikely to find people in the space before noon on most days.
+
* If you'd like to see the anarco-syndicalist factory of how a long-living hackspace is maintaining, tag along to our Tuesday 8pm meeting, where the sausage is made often excitingly
 +
* You're unlikely to find many people in the space before noon on most days.
 +
* This is discussed in painful detail at [[Hours]]
 +
* The people around you may not know you well, but they will love you more if you fix a random thing. Even if its just plates of dishes or an obviously dirty desk.
 +
 
 +
====Who's in charge?====
 +
 
 +
You are! Noisebridge attempts to be as leaderless and as non-hierarchical and unruly as we can get. We encourage anyone in the space to be as responsible as anyone else. If you're new, that means the person who you first meet is as good as anyone else to ask questions of.
 +
 
 +
====Our code of conduct====
 +
Our code of conduct is "be excellent to one another".  Please respect the other people you meet at Noisebridge and the Noisebridge space itself.
 +
We welcome visitors because we believe in our community and want to share the things we're working on with everyone. We also have [[community standards]].
 +
 
 +
====Other people's stuff====
 +
Please try to be careful with the things you find at Noisebridge, and recognize that the things on shelves are other people's stuff.
 +
 
 +
====Not "child-safe"====
 +
We have not limited what we like to explore or discuss according to anyone's notions of "appropriateness" for children.  Thus, anyone entering the space can be exposed to ideas, concepts, language and items which some would consider "adult-themed".  We also have some tools and materials that can be hazardous for children or adults if used improperly.  Children are as welcome in the space as any other person - just be prepared for what they may encounter.
 +
 
 +
====Hostile network====
 +
The network at Noisebridge - like any public network - should be regarded as potentially hostile. This means that you should assume that any unencrypted communications over the network could be (and most likely are) monitored by others. Examples of vulnerable communications include POP3/IMAP email clients, most web browsing, IRC/AIM and similar chat protocols that are often not encrypted. While no issues have come up to date, and our code of conduct opposes malicious monitoring of others, it is wise to be aware of the potential. Stick to using SSL or secure tunnels or VPNs for anything that uses a password or that you otherwise wouldn't want other people to read. If you don't know how to protect your communications with encryption, many people at Noisebridge would be glad to help you out! (It would be nice if someone would provide links to a decent guide here.)
 +
 
 +
=====Attempt at a Semi Decent Guide=====
 +
 
 +
The most secure option you have is to set up [https://inside.mines.edu/~gmurray/HowTo/sshNotes.html an SSH tunnel] to a remote server, and then use a proxy server like [http://www.pps.jussieu.fr/~jch/software/polipo/ Polipo] to forward all your HTTP through that server.  Done properly, this will encrypt all your traffic without any further worries.  If you do not have SSH access to a remote server, then you can use Tor or similar to encrypt your traffic without exposing it to the Noisebridge network.
 +
 
 +
The fallback position is to ensure that as many services as possible use HTTPS by default (especially webmail) and at least have browser based solution to protect against [http://en.wikipedia.org/wiki/Cross-site_request_forgery CRSF]/[http://en.wikipedia.org/wiki/Cross-site_scripting XSS] attacks for everything else.  This may happen even if the website itself is solid -- if you're on a compromised internal network, the attacker can inject content into any HTML page that you're reading.
 +
 
 +
Recommended Firefox Addons:
 +
 
 +
* Certificate Patrol: https://addons.mozilla.org/en-US/firefox/addon/certificate-patrol/
 +
* Perspectives: https://www.networknotary.org/firefox.html
 +
* HTTPS Everywhere: https://www.eff.org/https-everywhere
 +
* Noscript (even with "all access" it still catches many CSRF/XSS attacks): https://addons.mozilla.org/en-US/firefox/addon/noscript/
 +
 
 +
Recommended Chrome Extensions:
 +
 
 +
* KB SSL Enforcer: https://chrome.google.com/extensions/detail/flcpelgcagfhfoegekianiofphddckof
 +
* NotScripts: https://chrome.google.com/extensions/detail/odjhifogjcknibkahlpidmdajjpkkcfn
 +
 
 +
Recommended General Security:
  
====Excellence required!====
+
* If you use Google, [http://googleblog.blogspot.com/2011/02/advanced-sign-in-security-for-your.html two factor authentication] is vastly more secure than just a password.
Our "golden rule" of "be excellent to each other" we take fairly seriously.  Please respect the cool space that you'll be enjoying. It's only because we believe in it and want to share with everyone that we're welcoming you at allPlease try to be careful with what you find there, and the recognize that the things on shelves are other people's stuff.
+
* Although coming up with a good password is nice, you're far more secure if you use a password manager like KeyPass or 1PasswordThe best password is one you don't remember. 
 +
* If someone gets their hands on the physical machine, all bets are off.  Try to avoid strange USB sticks and CDs, even if they look shiny.

Revision as of 18:09, 10 October 2012

Welcome to Noisebridge! We're glad you're interested in our space and we look forward to seeing you soon. Here's some advice to help you understand what you're getting into and see if it appeals to you.

Contents

Who is welcome

Everyone is welcome and encouraged to visit Noisebridge. We ask that visitors follow our rule of "be excellent to each other" in the best spirit they can. Visitors can drop by anytime unannounced. You do not need an invitation, or to be attending a scheduled event/class. It may be wise to follow the advice below on the best times to visit, to ensure there are people there who can let you in.

Noisebridge is wheelchair accessible though people who use wheelchairs may need help with the heavy manual elevator doors.

Come with an open mind

Noisebridge is largely about learning and exploring, and there's lots to see and learn here! Activities at Noisebridge include hanging out, working on personal or group projects, and scheduled or improptu workshops and classes on a range of topics, from foreign languages to photography, lockpicking, woodworking, computer programming and mathematics.

Some times are better than others

We have many scheduled activities in the space, and many of us have day jobs. You can coordinate the time of your visit to ensure that you can find people to talk with (and to let you into the building!)

  • Are you new? Wondering when to drop by? Come by any evening - you don't have to wait for a class or a meeting. Any night there will be people hanging out, and you're welcome to show up, say "I'm new!" and get a tour, join an outing for food, or just relax and work on your laptop until a conversation of interest comes up.
  • If you're interested in particular activities, check out our schedule, posted on the main page of this site.
  • If you'd like to come during unstructured time and talk with lots of people, after hours is best.
  • If you'd prefer a quieter environment, come earlier in the day.
  • If you'd like to see the anarco-syndicalist factory of how a long-living hackspace is maintaining, tag along to our Tuesday 8pm meeting, where the sausage is made often excitingly
  • You're unlikely to find many people in the space before noon on most days.
  • This is discussed in painful detail at Hours
  • The people around you may not know you well, but they will love you more if you fix a random thing. Even if its just plates of dishes or an obviously dirty desk.

Who's in charge?

You are! Noisebridge attempts to be as leaderless and as non-hierarchical and unruly as we can get. We encourage anyone in the space to be as responsible as anyone else. If you're new, that means the person who you first meet is as good as anyone else to ask questions of.

Our code of conduct

Our code of conduct is "be excellent to one another". Please respect the other people you meet at Noisebridge and the Noisebridge space itself. We welcome visitors because we believe in our community and want to share the things we're working on with everyone. We also have community standards.

Other people's stuff

Please try to be careful with the things you find at Noisebridge, and recognize that the things on shelves are other people's stuff.

Not "child-safe"

We have not limited what we like to explore or discuss according to anyone's notions of "appropriateness" for children. Thus, anyone entering the space can be exposed to ideas, concepts, language and items which some would consider "adult-themed". We also have some tools and materials that can be hazardous for children or adults if used improperly. Children are as welcome in the space as any other person - just be prepared for what they may encounter.

Hostile network

The network at Noisebridge - like any public network - should be regarded as potentially hostile. This means that you should assume that any unencrypted communications over the network could be (and most likely are) monitored by others. Examples of vulnerable communications include POP3/IMAP email clients, most web browsing, IRC/AIM and similar chat protocols that are often not encrypted. While no issues have come up to date, and our code of conduct opposes malicious monitoring of others, it is wise to be aware of the potential. Stick to using SSL or secure tunnels or VPNs for anything that uses a password or that you otherwise wouldn't want other people to read. If you don't know how to protect your communications with encryption, many people at Noisebridge would be glad to help you out! (It would be nice if someone would provide links to a decent guide here.)

Attempt at a Semi Decent Guide

The most secure option you have is to set up an SSH tunnel to a remote server, and then use a proxy server like Polipo to forward all your HTTP through that server. Done properly, this will encrypt all your traffic without any further worries. If you do not have SSH access to a remote server, then you can use Tor or similar to encrypt your traffic without exposing it to the Noisebridge network.

The fallback position is to ensure that as many services as possible use HTTPS by default (especially webmail) and at least have browser based solution to protect against CRSF/XSS attacks for everything else. This may happen even if the website itself is solid -- if you're on a compromised internal network, the attacker can inject content into any HTML page that you're reading.

Recommended Firefox Addons:

Recommended Chrome Extensions:

Recommended General Security:

  • If you use Google, two factor authentication is vastly more secure than just a password.
  • Although coming up with a good password is nice, you're far more secure if you use a password manager like KeyPass or 1Password. The best password is one you don't remember.
  • If someone gets their hands on the physical machine, all bets are off. Try to avoid strange USB sticks and CDs, even if they look shiny.
Personal tools